Including Hackers in NATO Wargames

This essay makes the point that actual computer hackers would be a useful addition to NATO wargames:

The international information security community is filled with smart people who are not in a military structure, many of whom would be excited to pose as independent actors in any upcoming wargames. Including them would increase the reality of the game and the skills of the soldiers building and training on these networks. Hackers and cyberwar experts would demonstrate how industrial control systems such as power supply for refrigeration and temperature monitoring in vaccine production facilities are critical infrastructure; they’re easy targets and should be among NATO’s priorities at the moment.

Diversity of thought leads to better solutions. We in the information security community strongly support the involvement of acknowledged nonmilitary experts in the development and testing of future cyberwar scenarios. We are confident that independent experts, many of whom see sharing their skills as public service, would view participation in these cybergames as a challenge and an honor.

Tags: , , , , ,

Posted on January 29, 2021 at 12:03 PM20 Comments

Comments

Sam January 29, 2021 12:35 PM

A) What is a “hacker”? Do people think the military’s own uniformed/civilian/contractor security folks are not involved in these?
B) There are different type of cybersecurity exercises obviously, but an exercise designed to test your blue team defenders, is very different than an exercise designed to test the broader force, and the degree that attacks need to be real vs simulated is similarly different.

Jon January 29, 2021 2:16 PM

Now they just have to relax some of those employment qualification. You think you’re going to recruit a brilliant teenage rebel who’s never smoked pot? Or never been convicted? Ha! J.

PS – Of course, you might NOT want to hire those guilty of mass fraud – but hey.

6R1M 0R4CL3 January 30, 2021 7:54 PM

I am not interested.
First, we hackers, we already know we would wipe the floor with those military people asses. Their level is poor or mediocre most of the time, and never above mean average.

You guys talking of “hacking” have no idea how far we are compared to them. We have been doing this since we were under 10, and we are passionnate about what we do, from hardware to software knowledge and hacking.

Those morons think training will give them our edge ? Lol.

Second reason : if we participate, it will tell them how we do and approach things. Why would we give them such knowledge from our experience and hard work and tinkering ?

At school we have been pushed aside, brushed away as geeks, nerds. The ultimate “uncool people”. We could not even tell our own parents we also played role playing games, because of the stigma.

We grew up. In a world where software is all around, and as time goes, it is eating the world. And we have the knowledge and the keys to all those systems.

We don’t want to help the army. We don’t want to help the police or even the societies. We have the keys, we see, share your dataz and the more time goes on, the more hardware gets under our reach, especially those IoT that never get patched once out there.

At work we are not even considered better. Paid yes, but we have to suffer all those management morons that barely register as intelligent and we wonder how their stupid brains can keep them breathing. We spend most of our time trying to do a good job, with morons around and above with no clue, low intelligence, stuck on short term vision.

We see now that using your identity online can and will be used for witch hunts. Using handles always has been the good, the only choice. You think we will be allowed to participate in such “ganes” while keeping our identities and groups totally anonymous ? You think we are fools ?

We have been shunned from people, family, “friends” while growing up, and we were brilliant, curious, imaginative “hacking” and learning like sponges absorbing knowledge, all of it we could find.

We have been shunned at school where it’s not intelligence that is rewarded, but learning and vomiting back, following lines, staying well within the group and its mean mediocrity. Everyone sees that highly intelligent kids fail miseralbly at schools. all around the world. It’s not a place to grow and be great.

We have been shunned at work. Where we are almost seen like autists. We are told we talk too complicated, when we are really far from talking of complex subjects and we realize 50 % of the company could be fired, and everything would still be working fine because half of the people are middle-tier morons that have no place in the world of computing and IT. We are drowned in stupid decisions from dumb people, who got into this field because stupid companies went from command-line Unix-like systems to GUI and point and click that opened the door to unskilled people that should never had been accepted entry into our realm.

We quickly learned to hide. Hide from other kids, at school. Hide from all other people who we really are. We adopted handles, we exchange our feats, knowledge on Internet.

We grow up, our skills expanded greatly and the field of IT is so filled with dumb unskilled people it’s not even hard to get into systems, hack all around, and get data. As time goes, more and more data is accessible, and it does not get harder to hack adn get into systems. You have no idea how previously fixed CVEs keep coming back and work again on modern systems, thanks to stupid managers and unskilled “developers”.

I do like you, Bruce. You are intelligent, far above most people in your field. You, and Daniel B. you are stars far above the others there.

But when I did read that post, I had to laugh. The words that came to me ? “NO WAY”. No way we’re going to come and play with those that would love to know our real names, where we live. To suck our skills and knowledge. And for what ?

We’re not interested in money. Or power of such stupid petty material things.

We own the keys and the world is opening itself to us as more data gets online, as more software goes into every thing, everywhere.

As Tom Zarek said so well : we politely decline.

ATN January 31, 2021 9:26 AM

@Patriot:

there are people who still want to defend and support their country.

On a related subject, you can see that on the number of people working hard to combat coronavirus, medical and others doing overtime without real compensation.

I do not think this [coronavirus] level of response will happen if/when we get a really bad computer virus/malware, the kind which really disrupt internet banking (or even banking, not knowing how much you have in each bank account), disrupt electricity or Internet delivery, disrupt military command chain…
With software engineers, it will be more like the “Year 2000” response (for a lot of reasons, some of them valid).

ResearcherZero January 31, 2021 1:39 PM

China has fought wars longer than anyone. Rather than stir things up like the GRU and Iran, they prefer to let adversaries walk themselves into it, “Ambush by Ten Sides”.

ATN January 31, 2021 5:10 PM

@ResearcherZero:

China […] prefer to let adversaries walk themselves into it

Like offering 0% credit lines to most governments right now, easier to control them later on.
Who would like to lend money for nothing in return?

xcv January 31, 2021 7:43 PM

6R1M 0R4CL3 • January 30, 2021 7:54 PM

I am not interested.
First, we hackers, we already know we would wipe the floor with those military people asses. Their level is poor or mediocre most of the time, and never above mean average.

So you’re a “hacker” with a haircut. Do you really want a LEA (law enforcement agency) to put you in front of a computer screen under supervision to “hack” enemy / criminal networks, and they aren’t going to put you in prison for it when they deem you no longer useful for their current political purposes?

They apparently went soft in the military. It’s a MIC/PIC thing. Your bosses, supervisors, overseers, commanding officers and betters don’t want you doing anything on a computer that they aren’t completely familiar with themselves.

“Hacking” in the military, you’re going to get promoted to a higher rank than Pvt. Chelsea Manning? No. We’re not fooling ourselves here. People are full of shit in a court of law, and that goes for court-martial as well as federal/state/local/municipal district court.

Clive Robinson February 1, 2021 5:23 AM

@ ATN, Patriot,

The “UK” variant appeared in the region where there is most contact with European countries.

The best epidemiological evidence so far says it came from a major European country via “cross border workers” probably a vehicle driver. However there is no evidence as to if it orginated in that Europran Country or traveled through it from somewhere else (which is why I’m not mentioning the countries name).

Not that it took any great brains to work out that such a transmission vector was the most likely, I indicated why on this blog shortly after the B.1.1.7 variant was anounced. In part because I’ve been going on about boarder issues with trade since early last year and considering what we should do about it. Because this time last year before the “Herd Immunity Policy”(HIP)[1] gained political approval via economic argument from the truley short sighted and self interested, the only way out was to exterminate the virus by starvation. That was to rob it of hosts by very strong regional quarantining. Which has worked in quite a few places, but the shortsighted HIP gave the virus licence to run free and kill and maim millions with the mutation rate increasing with the number of people infected…

The big problem with regional quarantines is “Which Starves First, the people or the virus?” That is way too many nations can nolonger feed themselves, they are critically reliant on stocks and imports and due to “supply chain optimization” the only real stocks are those used as “futures markets” products, pretty much everything else is due to distribution forking in the supply chain.

So to ensure it’s the virus not us that goes extinct we need food and other essential trade to cross borders. Which means two disease vectors, the goods themselves as fomits especially with frozen foods, and the humans that move the goods from place to place, and unfortunatly due to the unusual way SARS2 works, are gighly infectious whilst not having any real symptoms…

without noting that most European health services do not sequence the ARN virus from ill people (so they cannot be the source of variants themself) is boring.

The UK with a population of about 1/100th of the worlds population, does just under 1/2 of the genomic sequencing in the world.

That said the UK does not genomically sequence 100% of positive tests, however there is a small Continental European nation that does… So we could do better.

Oh and as for the US the last time I looked which was pre-transition it was less than 1 in 3000 positive tests get genomicall sequenced and the actual numbers of people being tested was small as well. Which though it sounds dire is still better than quite a few first world countries and is known to be improving in both respects.

We also have to accept that probably half the countries in the world can not do sequencing, and a large number more can not do it on the scale needed for effective monitoring. It is a matter of priorities and the need for such sequencing ability is usually less than for gold finish Lamborghinis. And even that being a very priority with respect to can enough food be imported to keep people alive…

[1] I should mention that “Herd Immunity Policy” has little or nothing to do with the natural world “Herd Immuniry Effect” except in the quite deliberate conflation of names. I’ve been through it before and so have others on this blog. However the important thing to note about natural herd immunity is it only works with very low virulence pathogens where the “Infection Fatality Rate”(IFR) is down below that of the common cold. At the higher IFR of flu it becomes an annual tax on the human race killing hundreds of thousands, permant winter season fixture by animal reservoirs (this years flu is apparently more infectious but because of lockdowns etc the infection rate thus fatalities are lower than normal indicating that effective regional quarantine may be our only way out. As a pathogen increases in virulance it normally kills to quickly for it to spread in a natural environment thus it dies back into the disease reservoir it came from or just goes extinct. We now know that SARS2 is different to most viruses in that you are most infectious when you are presymptomatic, this means the kill before transmission effect is not realy there… It also means that the usual eveloutionary preasure to decrease a pathogens virulance is effectively removed. When you add to that we also know there is a wild creature reservoir with bidirectional transfere (human-mustelidaes-human) you can see that we have a problem, in that the infection rate which is exponential is outpacing our ability to vaccinate which grows much nearer to linearly. We have no choice, hard small region lockdowns are all that is going to work untill 80-90% of a regions population is sutably immunized by natural infection or by a jab in the arm. At the current rate on jabs in the arm we are going to be in regional quarantine measures for the next year or two at least. Some estimates say world immunization is five to ten years out…

ATN February 1, 2021 7:00 AM

@ Clive Robinson:

the only way out was to exterminate the virus by starvation. That was to rob it of hosts by very strong regional quarantining.

That should have been done in January 2020, that time has come and gone.
If there is one region on earth not quarantining the way you mean, the problem is not solved and you need to plan for re-entry (with potential worse effects due to human cells being less prepared).
The real solution to viruses has not change for the last millions years: natural Herd Immunity, even by direct infection or by vaccines for each mutation.
Sort term, isolation still help hospitals/morgues to cope.

JonKnowsNothing February 1, 2021 10:19 AM

@ATN @Clive @All

re: Country Regional Quarantine
If there is one region on earth not quarantining the way you mean, the problem is not solved

Countries that have pursued Eradication Policy have strong quarantines, strong trace track tests (TTT) programs which are generally easier to administer since they have fewer cases overall, they also have very keen insights into how the virus enters their environment. They also know that they cannot exit this strategy until they have 100% (or nearly) of their population vaccinated (with vaccines effective against all variants).

Countries following Eradication Policy, also a keenly aware that countries that follow Suppression Policies will continue to incubate COVID-19 Muts until either that group of countries has continuous 100% vaccination rate or achieved Herd Immunity Policy (HIP) with a regular die-off of their population.

Countries with Suppression Policies will face long quarantines, trade delays, tourism declines (both incoming and out going) and a host of negative economic factors. These negative economic factors are part of HIP and are outweighed by the benefits of continuous herd die off. If every year they kill n% of their population they reap both passive and direct rewards related to these deaths. (1a 1b)

re: Variant Names and Lineages

Variant names can be anything the sequencer defines and it can be renamed by any other sequencer. The “UK Variant” name is partially MSM but also designated by researchers in that area but it is known by other names to other researchers. It does not have anything to do with the lineage of the virus.

The Lineage of the virus is the phylogenetic tree of a particular virus. As the virus passes through the population, local variations are found. These local variations can be given Variant Names but there are tens of thousands of these sequences. Only a few have commonly known variant names.

Lineages are commonly grouped mutations that form the phylogenetic tree. These are designated by different methods and standards. You might see reference to Pangolin Lineage numbering or Wuhan Sequence numbering, among other methods. The numbers or references may change for a specific genome but they represent the same item in the tree. There are 3 main branches and they can be referenced differently but often you see: A B C as part of the name (B117).

MSM often confuses the two definitions. UK Variant, California Variant are tag names. B.1.1.7 is a lineage name. Particular lineages can be dominant in areas leading to the use of tag names.

Tag names and lineages are not the same a mutation markers. Mutation markers define the differences between lineages. When there are enough mutations that differ from an existing grouping, a new grouping can be created. There are naming conventions for this too. Only 3 levels are allowed before a new branch needs to be declared, such as the current naming of mutations in Brazil. B.1.1.28 has split into 2 distinct groups P.1 tagged Manaus Variant and P.2 tagged Rio Variant. The P.n name can change depending on usage and standards.
The mutation marker for these changes are N501Y and E484K. The E484K mutation marker occurs 100% in the P.1 Manaus Variant. (2)

Adding into the naming mix, COVID-19 mutates regularly around the globe. The same mutations rise and fall in different regions. The same mutation lineage B.1.1.28 is found in Japan and known as the “Japanese Variant” even though it has the same lineage as the B.1.1.28 Brazil version.

One take away is this: N501 is on the rise and will become the global dominant version (eta 03-04 2021). The 501 mutation together with other mutations are what makes the COVID-19 Muts more contagious and more lethal. It is still part of the D614G group that is currently dominant. Versions of the D614G lineage without the 501 mutation will die out, as did the original COVID-19 lineage from Wuhan when it was replaced by the D614G version.

Evolution Happens even when you don’t realize you are part of the process.

1a, see archive posts on the Bank of Mom and Dad for detail numbers.
1b, COVID-Muts affect younger people.

2, It maybe of interest that you can have COVID-19 P.1 and P.2 simultaneously or get them as back to back infections.

Clive Robinson February 1, 2021 12:21 PM

@ ATN, SpaceLifeForm

That should have been done in January 2020, that time has come and gone.

Whilst it should have been done this time last year, it was not and as @SpaceLifeForm can confirm there were several of us saying that in various ways, his was the frustration that planes kept flying “for economic reasons” that were obvioulsy futile even in the short term.

As data became available I worked out we needed a hard quarantine of just over a month to make the virus extinct, and that is still as true today, just 35 days of strict issolation would kill the virus in humans.

But we now have to consider there is a wild animal reservoir out there…

But as I noted the disease is infecting people at an increasingly exponential rate. Some have said that the doubling time of the three 501Y variants could be as little as seven days…

There is absolutly no way we can make enough vaccines, nor is there the hospital capacity upto it. In the UK the Case Fatalitr rate in hospitals has increased by 40% with the mean age being 60 years.

There is no way that healthcare can cope with that kind of growth rate and the only way we can slow down this wildfire is by putting in lots and lots of fire breaks. That means hard quarantine in an area by area basis. Australia has proved this during their winter as has New Zeland. Other places in the South China Seas have proved this from virtually day one.

Pasanger aircraft have to stop flying, likewise padanger ships long distance rail travel and road travel. The only stuff that should be moving is goods.

And they should be moved in a way that means neither people or virus comes with them.

Only when such measures are in place will we even stand a chance of getting things back under control.

Vacinating the world is going to take longer than most people think. At best it’s going to be atleast a year for first world nations to get to around 65-75% which with the new variants needs to be up in the 80_90% range for Herd Immunity, and another four years or so to get the poorest nations upto 60% with some nations like Pakistan may never get upto even 50% because of political infighting…

Do we just say “Aww F**k it” and let 20% of the first world population die and 40-50% of the rest of the world die? Over that duration or do we use regional quarantine and loose maybe 0.03% of population because we don’t alow abything other than accidental community spread and we keep the healthcare capacity for COVID at 10% or below?

These questions have to be answered not by self intetested short term thinkers out for themselves only but society at large, who at the end of the day the ones asking to roll the chamber of the revolver.

JonKnowsNothing February 1, 2021 12:52 PM

@Clive @ATN @SpaceLifeForm

re: That means hard quarantine in an area by area basis. Australia has proved this during their winter as has New Zealand.

There is a difference between the strategies of Australia and New Zealand.

NZ follows Eradication Policy. This is a zero tolerance of any COVID-19 active inside the country. All COVID-19 must be stopped at the borders.

Australia follows Suppression Policy. There are differences between the States and Territories vs their Federal Government. Some States follow Eradication Policy. The Federal Government is Suppression Policy. The Morrison Federal Government piggybacks on the efforts and successes of the States and Territories and then sabotages the results with classic neoliberal thinking. This results in Snap Lockdowns from COVID-19 outbreaks. The primary reason Australia has any success at all containing COVID-19 is due to the independence of their states and their ability to ignore Canberra.

ht tps://www.theguardian.com/australia-news/2021/feb/01/morrison-commits-19bn-to-australias-vaccine-rollout-as-he-prepares-to-withdraw-pandemic-payments

Morrison will say the government needs to exercise “the fiscal discipline necessary to ensure that we do not overburden future generations and continue to spend taxpayers’ money wisely” adding: “We are not running a blank-cheque budget.”

He will say the government crafted the fiscal response to the crisis with guardrails, including emergency measures that would be temporary “and accompanied by a clear fiscal exit strategy”.

“You can’t run the Australian economy on taxpayers’ money forever”.

(url fractured to prevent autorun)

Patriot February 1, 2021 8:17 PM

@Zhuangzi

Bushi! Ziganwu…

I am a very unlikely person to do so. Having spent much of my life there, and having been treated so well, it is easy for me to have a balanced view, perhaps even an objective view, which is rare.

The West is certainly in decline. It is better to acknowledge this fact and try to at least slow it down. The woke brigade are going to precipitate the downward plunge, and so I have decided to do what I can to pull us back from the edge.

Of course, information security applies directly to the West’s prosperity. By the way, Mr. Schneier has many important things to say about this. It’s worthwhile to read his books and essays.

Think about the complacency that enabled the attack on the OPM. The attackers were actually paid by the U.S. government to do it. Putting unqualified people into supervisory positions can be lethal, so note who the chief information officer was, and who was in charge of the department. Diversity is doubleplus good! The British just did the same kind of thing with Dido Harding, someone who was the boss on watch while hackers smashed the soft target she oversaw. Instead of having the grace to disappear from public view, she failed upwards into the British test and trace system, which quickly became a joke. Susan Rice?

What I am actually defending is the United States. I do not want to see it collapse or be dominated by less self-interested, more unified people who are clever and work hard–namely, the Chinese.

Hope. Yes, we can.

Patriot February 1, 2021 8:27 PM

@ATN

It is still strange to see that neither US nor European deciders can read the clear curves the UK health service has produced, showing the effect of the variant, and not taking any measures to be prepared – even if they have more than a month to prepare.

Definitely. I still have not figured it out. There is an article on the front page of the Times today about this. Johnson knew about the danger long ago but did little. Astonishing.

@Clive Robinson

The best epidemiological evidence so far says it came from a major European country via “cross border workers” probably a vehicle driver. However there is no evidence as to if it originated in that European country or traveled through it from somewhere else (which is why I’m not mentioning the countries name).

That is a good way to put it. And it did not just come once, but over and over.

Patriot February 1, 2021 8:35 PM

–Correction

The OPM hackers were paid by Uncle Sam to do some work, not to hack the entire system and reap an intelligence bonanza. Make no mistake, it was one of the worst counter-intelligence failures in all of history. It enabled a hammer blow.

JG4 February 2, 2021 9:39 AM

“Fought wars longer than anyone” would be pre-humans. Not that we haven’t been at it since inception, but our timescale is a factor of 10 smaller than the pre-human timescale. We’ve got another few hundred thousand years to get it right, unless the next one wipes us out.

JG4 • November 14, 2020 10:13 AM
https://www.schneier.com/blog/archives/2020/11/friday-squid-blogging-underwater-robot-uses-squid-like-propulsion.html/#comment-358684
File under “Further facets of the understanding that surpasses all peace.”

https://www.sciencealert.com/how-neanderthals-and-humans-battled-for-supremacy-for-over-100-000-years

This smacks of state-sponsored violence, but probably a police action rather than a war between tribes.

JG4 • October 11, 2016 5:49 PM
https://www.schneier.com/blog/archives/2016/10/murder_is_a_rel.html/#comment-284989
It depends on what you mean by “recent.”

430,000-year-old skull seems to show victim was bludgeoned to death

Tartare February 2, 2021 10:20 AM

@Clive

“We now know that SARS2 is different to most viruses in that you are most infectious when you are presymptomatic, this means the kill before transmission effect is not realy there… It also means that the usual eveloutionary preasure to decrease a pathogens virulance is effectively removed. When you add to that we also know there is a wild creature reservoir with bidirectional transfere (human-mustelidaes-human) you can see that we have a problem, in that the infection rate which is exponential is outpacing our ability to vaccinate which grows much nearer to linearly. We have no choice, hard small region lockdowns are all that is going to work untill 80-90% of a regions population is sutably immunized by natural infection or by a jab in the arm. At the current rate on jabs in the arm we are going to be in regional quarantine measures for the next year or two at least. Some estimates say world immunization is five to ten years out…”

This entire statement is harmful and fuil of misinformation. Do you have any shred of evidence that asymptomatic or pre-symptomatic spread is the key driver? I am not aware of any such evidence.

Please do not spread misinformation, it harms all of us – the evidence clearly points to asymptomatic and pre-symptomatic spread not being prevalent. Which invalidates most of the measures taken in the west. Don’t believe me, believe the British Medical Journal.

https://www.bmj.com/content/371/bmj.m4695

Your musings on needing 90% vaccination are fascinating, what data shows that being a necessity?

Clive Robinson February 2, 2021 11:32 AM

@ Tartare,

Have you actually read that BMJ article?

It’s only an observational collection of data on people who may or may not actually have covid in the early stages.

There is a truck load of difference between being pre symptomatic and infectious going on to having symptoms as you enter the non infectious feaver stage, yet you show the pressence of virus in both stages…

Im assuming you do not know this and do not understand the news article (not paper nor peer reviewed) as given with it’s myriad of disclaimers including a big give away of “may not” in the title and “Findings not generally applicable” as a sub title.

So unless you indicate otherwise I assume you’ve never been shown how to interpret such articles.

As for your other comnents very much the same can be said of you just appearing and making a comment much as Trumpisters / QAnon genuflectors and Other “there is no COVID” commenters have made on this blog on and off for the past year, or anti-vaxers more recently.

As for the 75%-90% go have a look about what is comming out of the CDC and others with respect the three 501 strains that are Kent / Brazil / South Africa, that are around half as infectious again and Canadian researchers have indicated may have a community infection doubling time of about a week rather than about a month as it has been with earlier prevelant strains they are now superceding.

JonKnowsNothing February 2, 2021 11:42 AM

@Tartare

re: Do you have any shred of evidence that asymptomatic or pre-symptomatic spread is the key driver

ht tps://www.snopes.com/fact-check/asymptomatic-covid-patients/

In sum, while the studies proved the rate of transmission between presymptomatic or asymptomatic COVID-19 patients appeared to be lower than that of symptomatic patients, the research did not confirm that infected people carry no risk of spreading the virus. In fact, public health officials say all COVID-19 patients, regardless of whether they show symptoms, are contagious. For those reasons, we rate this claim “False.”

There are some interesting aspects to COVID-19 positive asymptomatic, pre-symptomatic and those that appear “immune” but test for COVID-19 antibodies.

A recent MSM article.
ht tps://www.theguardian.com/australia-news/2021/jan/30/immunological-unicorn-the-australian-lab-growing-coronavirus-and-its-startling-discovery

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.